Fix droits

2025-06-21 01:18:21 +02:00 · 2017-07-04 01:12:51 +02:00
parent 15221db62f
commit dee26e3eda
12 changed files with 31 additions and 23 deletions
--- a/users/templates/users/aff_clef.html
+++ b/users/templates/users/aff_clef.html
@ -37,8 +37,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 	    <td>{{ clef.proprio }}</td>
 	    <td>{{ clef.commentaire }}</td>
            <td class="text-right">
+                {% if is_bureau %}
                {% include 'buttons/edit.html' with href='users:edit-clef' id=clef.id %}
                {% include 'buttons/suppr.html' with href='users:del-clef' id=clef.id %}
+                {% endif %}
                {% include 'buttons/history.html' with href='users:history' name='clef' id=clef.id %}
            </td>
        </tr>
--- a/users/templates/users/aff_listright.html
+++ b/users/templates/users/aff_listright.html
@ -36,7 +36,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
            <td>{{ listright.listright }}</td>
 	    <td>{{ listright.details }}</td>
            <td class="text-right">
+                {% if is_bureau %}
                {% include 'buttons/edit.html' with href='users:edit-listright' id=listright.id %}
+                {% endif %}
                {% include 'buttons/history.html' with href='users:history' name='listright' id=listright.id %}
            </td>
        </tr>
--- a/users/templates/users/index_clef.html
+++ b/users/templates/users/index_clef.html
@ -29,7 +29,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,

 {% block content %}
  <h2>Liste des clef</h2>
-  {% if is_perm %}
+  {% if is_bureau %}
  <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-clef'  %}"><i class="glyphicon glyphicon-plus"></i> Ajouter une clef</a>
  {% endif %}
  {%  include "users/aff_clef.html" with  clef_list=clef_list %}
--- a/users/templates/users/index_listright.html
+++ b/users/templates/users/index_listright.html
@ -29,8 +29,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,

 {% block content %}
  <h2>Liste des droits</h2>
+  {% if is_bureau %}
  <a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-listright'  %}"><i class="glyphicon glyphicon-plus"></i> Ajouter un droit ou groupe</a>
  <a class="btn btn-danger btn-sm" role="button" href="{% url 'users:del-listright'  %}"><i class="glyphicon glyphicon-trash"></i> Supprimer un ou plusieurs droits/groupes</a>
+  {% endif %}
  {%  include "users/aff_listright.html" with  listright_list=listright_list %}
  <br />
  <br />
--- a/users/templates/users/profil.html
+++ b/users/templates/users/profil.html
@ -105,7 +105,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
        </tr>
    </table>
    <h2>Emprunts</h2>
+    {% if is_perm or is_bureau %}
    <h4><a class="btn btn-primary btn-sm" role="button" href="{% url 'media:add-emprunt' user.id %}"><i class="glyphicon glyphicon-flag"></i> Ajouter</a></h4>
+    {% endif %}
    {% if emprunts_list %}
    {% include "media/aff_emprunts.html" with emprunts_list=emprunts_list %}
    {% else %}
--- a/users/templates/users/sidebar.html
+++ b/users/templates/users/sidebar.html
@ -25,11 +25,13 @@ with this program; if not, write to the Free Software Foundation, Inc.,


 {% block sidebar %}
-    {% if is_perm %}
+        {% if is_bureau %}
        <a class="list-group-item list-group-item-success" href="{% url "users:new-user" %}">
            <i class="glyphicon glyphicon-plus"></i>
            Créer un adhérent
        </a>
+        {% endif %}
+        {% if is_perm %}
        <a class="list-group-item list-group-item-info" href="{% url "users:index" %}">
            <i class="glyphicon glyphicon-list"></i>
            Adhérents
--- a/users/views.py
+++ b/users/views.py
@ -85,7 +85,7 @@ def reset_passwd_mail(req, request):


@login_required
-@permission_required('perm')
+@permission_required('bureau')
 def new_user(request):
    """ Vue de création d'un nouvel utilisateur, envoie un mail pour le mot de passe"""
    user = BaseInfoForm(request.POST or None)
@ -111,10 +111,10 @@ def edit_info(request, userid):
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
-    if not request.user.has_perms(('perm',)) and user != request.user:
+    if not request.user.has_perms(('bureau',)) and user != request.user:
        messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit admin")
        return redirect("/users/profil/" + str(request.user.id))
-    if not request.user.has_perms(('perm',)):
+    if not request.user.has_perms(('bureau',)):
        user = BaseInfoForm(request.POST or None, instance=user)
    else:
        user = InfoForm(request.POST or None, instance=user)
@ -156,7 +156,7 @@ def password(request, userid):
    except User.DoesNotExist:
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
-    if not request.user.has_perms(('perm',)) and user != request.user:
+    if not request.user.has_perms(('bureau',)) and user != request.user:
        messages.error(request, "Vous ne pouvez pas modifier un autre user que vous sans droit admin")
        return redirect("/users/profil/" + str(request.user.id))
    u_form = PassForm(request.POST or None)
@ -266,7 +266,7 @@ def index_listright(request):
    return render(request, 'users/index_listright.html', {'listright_list':listright_list})

@login_required
-@permission_required('perm')
+@permission_required('bureau')
 def add_clef(request):
    clef = ClefForm(request.POST or None)
    if clef.is_valid():
@ -279,7 +279,7 @@ def add_clef(request):
    return form({'userform': clef}, 'users/user.html', request)

@login_required
-@permission_required('perm')
+@permission_required('bureau')
 def edit_clef(request, clefid):
    try:
        clef_instance = Clef.objects.get(pk=clefid)
@ -297,7 +297,7 @@ def edit_clef(request, clefid):
    return form({'userform': clef}, 'users/user.html', request)

@login_required
-@permission_required('perm')
+@permission_required('bureau')
 def del_clef(request, clefid):
    try:
        clef_instance = Clef.objects.get(pk=clefid)
@ -353,7 +353,7 @@ def history(request, object, id):
        except Clef.DoesNotExist:
             messages.error(request, "Utilisateur inexistant")
             return redirect("/users/")
-    elif object == 'listright' and request.user.has_perms(('perm',)):
+    elif object == 'listright':
        try:
             object_instance = ListRight.objects.get(pk=id)
        except ListRight.DoesNotExist:
@ -387,7 +387,7 @@ def profil(request, userid):
        messages.error(request, "Utilisateur inexistant")
        return redirect("/users/")
    if not request.user.has_perms(('perm',)) and users != request.user:
-        messages.error(request, "Vous ne pouvez pas afficher un autre user que vous sans droit admin")
+        messages.error(request, "Vous ne pouvez pas afficher un autre user que vous sans droit perm")
        return redirect("/users/profil/" + str(request.user.id))
    emprunts_list = Emprunt.objects.filter(user=users)
    list_droits = Right.objects.filter(user=users)